54 lines
1.5 KiB
Nix
54 lines
1.5 KiB
Nix
{
|
|
pkgs,
|
|
...
|
|
}:
|
|
pkgs.writeShellApplication {
|
|
name = "qemu-aarch64-uefi-tpm";
|
|
|
|
runtimeInputs = with pkgs; [
|
|
qemu
|
|
swtpm
|
|
];
|
|
|
|
text =
|
|
let
|
|
tpmOVMF = pkgs.OVMF.override {
|
|
tpmSupport = true;
|
|
secureBoot = true;
|
|
};
|
|
in
|
|
''
|
|
set -ex
|
|
state="/tmp/patos-qemu-$USER"
|
|
rm -rf "$state"
|
|
mkdir -m 700 "$state"
|
|
qemu-img create -f qcow2 -F raw -b "$(readlink -e "$1")" "$state/disk.qcow2" 2G
|
|
|
|
OVMF_FD=$(nix-build '<nixpkgs>' --no-out-link -A OVMF.fd --system aarch64-linux)
|
|
cp "$OVMF_FD/AAVMF/vars-template-pflash.raw" "$state/vars-pflash.raw"
|
|
chmod u+w "$state/vars-pflash.raw"
|
|
|
|
# swtpm socket -d --tpmstate dir="$state" \
|
|
# --ctrl type=unixio,path="$state/swtpm-sock" \
|
|
# --tpm2 \
|
|
# --log file="$state/swtpm.log",level=20
|
|
|
|
qemu-system-aarch64 \
|
|
-machine virt,gic-version=max \
|
|
-cpu max \
|
|
-smp 8 \
|
|
-m 4G \
|
|
-display none \
|
|
-serial stdio \
|
|
-drive "if=pflash,format=raw,unit=0,readonly=on,file=$OVMF_FD/AAVMF/QEMU_EFI-pflash.raw" \
|
|
-drive "if=pflash,format=raw,unit=1,file=$state/vars-pflash.raw" \
|
|
-device virtio-scsi-pci \
|
|
-device virtio-gpu-pci \
|
|
-device virtio-net-pci,netdev=wan \
|
|
-netdev user,id=wan \
|
|
-device virtio-rng-pci,rng=rng0 \
|
|
-object rng-random,filename=/dev/urandom,id=rng0 \
|
|
-device virtio-serial-pci \
|
|
-drive "format=qcow2,file=$state/disk.qcow2"
|
|
'';
|
|
}
|